-->
Page 1111
NO_NAME_BANNER displays the banner if no username was given.
REJECTED_BANNER displays the rejected banner if the site fingering your system was in the banned_site listing.
SYSTEM_LIST displays the system list if one was requested.
NO_NAME displays the no_name display file if no user was selected.
INTERNAL CONFIG CONFIGURE SECTION (CONFIG internal config)
Each item in this section is a switchable option. This means that a + before the item is turned on and a _ before the item is turned off.
ALLOW_MULTIPLE_FINGER_DISPLAY allows you to give a sorted output of all users on more than one specific system. This is useful when you have more than one ISP machine, located in different cities or even states.
ALLOW_SEARCHABLE_FINGER allows you to let others outside your system (or within it) to search for a specific username by using the search.username directive.
ALLOW_NO_IP_MATCH_FINGER allows you to let sites finger your system if a hostname could not be matched to their IP address successfully.
ALLOW_USER_OVERRIDE will allow your users to override specific options in the FINGER DISPLAY section that you enable.
ALLOW_USERLIST_ONLY will allow other sites that are fingering your system for a specific compiled user list to finger your system and get a user listing of who's online. This could be a security risk, so you might want to turn this option off if you feel it's a security risk.
ALLOW_FINGER_FORWARDING will allow other sites to forward finger requests to a different machine if the user could not be located on the current machine. (In order to use this option, you must have the HOSTS finger forward option set and have other sites in there.)
ALLOW_STRICT_FORMATTING makes the finger display remove all returns between display options. This makes the finger display look horrible (as with GNU Finger or the other generic fingers) and makes your system look, well, "generic."
ALLOW_VERBOSE_TIMESTAMPING makes the timestamp that is displayed (at any place) very verbose. For instance, where it used to say
On since Sat Aug 12 03:43PM(PDT)
would now be shown as
On since Sat Aug 12, 1995 03:43PM(PDT)
(Basically, ALLOW_VERBOSE_TIMESTAMPING just takes up more room on the display field.)
ALLOW_NONIDENT_ACCESS lets you only allow connections from sites that run the ident daemon (or RFC 1413-compliant program.) This is for security sake and is a good measure against unknown users trying to finger your system. If this option is enabled, users who do not have identd running on their system (such as Windows users) will be able to finger your system. Systems not running identd will return unknown as the user ID and will not be permitted to finger a user on your system.
ALLOW_FINGER_LOGGING enables cfingerd to use the LOGFILE file to store any logs of activity that happen to your system via finger.
ALLOW_LINE_PARSING makes cfingerd parse each line of every display file (including the plan, project, and pgp files) for any cfingerd-specific $ commands. If any are found, cfingerd will parse these commands and display correct information accordingly. Otherwise, if this is turned off, the display will appear without parsed commands.
ALLOW_EXECUTION will allow users to execute scripts in place of their .plan, .project, and .pgp files. This is used to display the standard output of another program directly to the screen of the user. Keep in mind that this is a huge security risk if you choose to use it. It's normally suggested that this option remain off, but you can turn it on if necessary. Nevertheless, these programs are called as nobody.nogroup.
Page 1112
ALLOW_FAKEUSER_FINGER turns on or off the fake user option in cfingerd. If you want fake users to be defined and available to be fingered, you will want to enable this option. This can be a security risk in some instances if you allow for searchable fingers and your script calls an execute routine on that variable. Chances are that'll never happen.
ALLOW_USERLOG will allow users to keep track of who has fingered them and at what time. A little file called .fingerlog will appear in their directory, which they can examine to see who has fingered them. If you don't care about this, you can disable it. Otherwise, it's not a bad idea. (It also logs root fingers as well.)
SYSTEM LIST SITES CONFIGURE SECTION (CONFIG system list sites)
This is just a series of hostnames that you want to finger when displaying your user-list display. If you have more than one system that you want to show, simply put their hostname in this list, separated on a line by itself.
For example, if I have a separate ISP system that I'm running on the side, say chatlink.com, I would change my configuration to say
CONFIG system_list_sites = { chatlink.com, localhost }
Remember, if you are listing only a couple of sites, list the sites you will want to have listed (in order) first. The ending entry must be localhost or the finger listing will not include your site. If you include localhost anywhere else in the list, it will stop once it has reached the localhost entry, so remember to list it last!
I want to get a user listing from my own machine and from chatlink.com's system. This would be automatically formatted nicely (sorted and parsed) and would display on the screen in sorted order. This program is usually used in tandem with the supplied userlist(1) program.
If no system list sites are specified, multiple system sites will not be specified.
TRUSTED HOST SECTION (HOSTS trusted)
This is a listing of the sites that you allow to finger your system exclusively, giving them the same access that your local users would get. In other words, they are treated as localhost users.
Each site that you list in this section should be separated by using the , directive. You can include up to 80 sites in this listing.
Wildcards are supported in this section, and you can use them in the regex format as well. Any wildcards with *, ?, or any other regex wildcard matching character will work. IP addresses will also work. Hostnames are compared case insensitive.
REJECTED HOST SECTION (HOSTS rejected)
This is a listing of the sites that you do not allow to finger your system. These sites don't get to finger anyone (or anything for that matter) on your system, regardless of what they try to do. In essence, finger is cut off to that particular system.
Each site that you list in this section should be separated by using the , directive. You can include up to 80 sites in this listing.
Wildcards are supported in this section, and you can use them in the regex format as well. Any wildcards with *, ?, or any other regex wildcard matching character will work. IP addresses will also work. Hostnames are compared case insensitive.
FORWARDED HOST SECTION (HOSTS finger forward)
This is a listing of sites that are used to forward a finger query to when a finger request was processed but that particular user was not found on the associated system. It will step through this listing, and it will search for the user in question. If the user could not be found, then it will step through to the next host and the next, until it finds one.
Each site that you list in this section should be separated by using the , directive. You can include up to 80 sites in this listing.
Wildcards are supported in this section, and you can use them in the regex format as well. Any wildcards with *, ?, or any other regex wildcard matching character will work. Hostnames are compared case insensitive.
If you do not specify any forwarding sites in this section, finger forwarding will be disabled for your system.